﻿using System.Web;
using System.Web.Mvc;
using RHD.Common.Web.Utility;

namespace RHD.Web.Infrastructure.AuthorizeAttributes {
	public abstract class BaseAuthorizeAttribute : AuthorizeAttribute {

		protected override bool AuthorizeCore(HttpContextBase httpContext) {
			SessionManager session = new SessionManager(HttpContext.Current.Session);
			Principal principal = session.GetData<Principal>(SessionTypes.PRINCIPAL);
			if (principal == null)
				return false;

			return this.AuthorizePrincipal(principal);
		}

		protected virtual bool AuthorizePrincipal(Principal principal) {
			return false;
		}
	}
}